Introduction
I created this because when I read HTRegz’s tutorial about PyScan, I thought I should apply my modest VB skills and create a port scanner of my own.

This tutorial is aimed at VB programmers who are comfortable with the basics of the language. If there’s a lot of stuff you don’t understand here, you might want to read some more basic tutorials then come back to this one.

Attached is a ZIP file containing all the VB files. Download it and follow along; it will make it a lot easier. Enjoy!

Extra Components
Aside from all the normal frames, text boxes, command buttons, etc. you will need the Winsock control and the (optional) ProgressBar control. To insert these:

1. On the menu bar click Project -&gt; Components…
2. Scroll down in the list and insert a check box into “Microsoft Windows Common Controls 6.0” and “Microsoft Winsock Control 6.0”

Now you can insert the socket control and the progress bar. I’m not going to go into the details of setting up all the objects on the form. I’m assuming you already know how to do that.

This is called when the user clicks the Scan button. The code is pretty self-explanatory down to the For loop. Let’s look at the loop:

Code:

For I = 1 To txtMaxConn.Text
Load sckScan(I)

sckScan(I).Connect txtIP.Text, NextPort
NextPort = NextPort + 1

Next I

This is what sets off everything. As you can see, it loops from 1 to the user-specified amount in the maximum connections text box. Each time, it loads the next socket object. It connects then adds 1 NextPort so that another socket can scan the next port.

When the socket objects are initialized in Sub cmdScan_Click(), they attempt to connect to the remote machine. There are two possibilities: it connects successfully, or it can’t connect. When it connects successfully sckScan_Connect() is called:

Code:

Private Sub sckScan_Connect(Index As Integer)
'This Sub is called when the socket makes a successful connection. It prints the port to
'the text box and calls TryNext to connect the socket to the next port.
'---------------------------------------------------------------------------------------

This prints “Port #” to the text box (where “#” is the remote port). Then it calls TryNext(), a sub that will connect the socket again to another port.

Code:

Sub TryNext(Index)
'This Sub is called when a socket finishes trying a port. It closes the connection then
'connects the socket to the next open port.
'--------------------------------------------------------------------------------------

On Error Resume Next 'I had some errors with the progress bar so I added this statement.

'This If statement unloads the socket if there are no more ports to scan.
If NextPort &gt; txtMax.Text Then
Unload sckScan(Index)
Exit Sub
End If

sckScan(Index).Connect txtIP.Text, NextPort 'Connect to the target with the next port.

NextPort = NextPort + 1 'Increment the next port.

End Sub

Let’s walk through this step by step.

On Error Resume Next – If an error occurs, it will skip to the next line of code. I inserted this because I was having errors with the progress bar. Sloppy programming, no doubt :D. It works fine now, though.

sckScan(Index).Close – This closes the connection. If this statement wasn’t there, it wouldn’t allow the socket to connect. It can’t connect when it’s already connected! :p

prgProgress.Value = prgProgress.Value + 1 – This adds 1 to the value of the progress bar.

If NextPort &gt; txtMax.Text Then
Unload sckScan(Index)
Exit Sub
End If
This determines if there are no more ports to scan. If the next port is higher than the last port to scan, it unloads the socket object since it has no more to do.

sckScan(Index).Connect txtIP.Text, NextPort – Connects to next port.

NextPort = NextPort + 1 – adds 1 to NextPort for the use other sockets.

'Loop from 1 to the last Winsock control:
For I = 1 To sckScan.UBound
sckScan(I).Close 'Close the connection
Unload sckScan(I) 'Unload the control
Next I

End Sub

When the user clicks the Stop button, this loops from sckScan(1) to sckScan(UBound), (where UBound is the last object). It disconnects them then unloads them.

Conclusion
I think that’s about it. If you have any questions (I know sometimes I explain things in a way that only I understand) just ask and I’ll try to help you out. This is my first security tutorial so if I did something wrong, TELL ME so that I won’t do it in the future. I always welcome constructive criticism.

Look out for more VB tutorials from mjk in the future :D

mjk

EDIT:
New zip file uploaded 5/25/04. I fixed all the bugs I could find.

May 22nd, 2004, 10:57 PM

TheSpecialist

I haven't really read through this much at all. But one of the things I noticed was all these text boxes. You can use IsNumeric() to validate and check if certian user input is numeric characters or not.

May 23rd, 2004, 02:15 AM

mjk

Good point TS. I guess that is a little sloppy on my part.

mjk

May 23rd, 2004, 05:15 AM

TheSpecialist

No no no no... not at all. Mostly everything I make & post up here is done as a joke. The last time I made a port scanner in VB & posted it here I claimed "source commenting is for retards" shortly before one of the first things peaple responded and complained about was the lack of commenting and readability of the code.

If im not mistaken I beleave I also re-named a few variables & things as comic book characters, if you can actually read through it you'll also notice one's value is incorrect and I did it all just for shits and giggles. I dunno basicly just to see who would say something about it as opposed to who would mindlessly thank me for it one way or the other.

Ummm... I thought it was kinda funny & others didn't. I guess you had to have been there and seen it.

May 23rd, 2004, 05:43 AM

mjk

LOL :D Everyone has their sense of humor.

Anyways using IsNumeric() is still a good idea because if the user enters a letter for the port or something it will crash. It doesn't really matter though.. If you use it properly it will work fine. Later

mjk

May 24th, 2004, 05:40 AM

madsheep

Just to add this on, don't forget you can also checking what key they are pressing while they are in the text box. You can have it make sure they are entering in 0-9 or "." and just handle and ignore all other key presses (i.e. letters/special characters etc.)

May 24th, 2004, 08:25 AM

cybersamurai

whats the reference i need to use the .remoteport property????

May 24th, 2004, 08:27 AM

cybersamurai

brilliant stuff !!! the code was spot on!

May 24th, 2004, 12:43 PM

Falcon21

Hello, I am a beginner in VB. I have some questions: why is there a need for number of max connections and how many should one put? What if I put 1 max connection and it can't connect to a port, then the "sckScan_Connect(Index As Integer)" event procedure will not be executed? Then how it will scan the next port?

Is it better to declare the Index variable in Sub "TryNext(Index)" to "TryNext(Index as integer)"?

Btw, I haven't check out your attachment. :p

May 24th, 2004, 12:49 PM

PM8228

Quote:

brilliant stuff !!! the code was spot on!

Hardly. Some code for key press could be like the following...

Code:

Private Sub txtMin Change(Key as Integer)
If IsNumeric(Key) = False Then Exit Sub 'or whatever so that the text doesn't change. I'm doing thiso off the top of my head.
Exit Sub

-Cheers-

PSSPSPSPSPSSPSPSSPS - TS that was pretty funny. :) And it really isn't that hard to make a port scanner in VB, or most langauges.